Protect your smart contracts and DeFi protocols with Three Sigma, a trusted security partner in blockchain audits, smart contract vulnerability assessments, and Web3 security.
M^0 Labs is building a decentralized framework for the permissionless minting of on-chain currencies, governed by decentralized institutions. At the core of the system lies the $M token—a digital representation of value designed to inherit the minimal risk profile of physical cash while offering the efficiency of programmable money.
Why Did They Need an Audit?
M^0's contracts coordinate sensitive economic mechanisms such as collateral verification via validators, dynamic mint rate enforcement, token inflation through governance voting, and auction-based token distribution. Failure in any of these areas could lead to infinite minting, unauthorized access to vaults, or denial of service (DoS) on key governance functions. The M^0 team engaged Three Sigma for a comprehensive 8 person-week audit ahead of mainnet deployment.
Audit Date: 2024-01-08
Language: Solidity
Type: Code Audit
Results and Findings
Key High-Severity Issues
Missing deadline in Dutch auction buy leads to MEV risk
Description:PowerToken.buy() lacked a deadline parameter, exposing buyers to significant losses via delayed execution of stale transactions at higher prices in future auctions. Mempool-pending transactions could be bundled by ZeroToken holders, extracting disproportionate value.
Resolution: Deadline parameter added and enforced via timestamp check.
Validator signatures with zero timestamps are replayable indefinitely
Description: If all validator signatures had timestamp zero, the update logic treated the timestamp as block.timestamp, allowing unlimited re-use of old signatures. This opened a path for a minter to misrepresent real-world collateral and mint $M backed by non-existent reserves.
Resolution: Protocol now rejects any signature with a zero timestamp.
Notable Medium-Severity Issues
Total principal invariant in MToken can be silently broken
Description: An unchecked addition in _addEarningAmount() could overflow principalOfTotalEarningSupply, especially when different rates are used across minting contracts. This overflow could persist until a safe cast fails in mint, but not always.
Resolution: Now uses checked math to avoid silent overflows.
Timestamps with higher-than-minimum values reusable in validator consensus
Description: A validator signature with a future timestamp could be re-used in multiple calls, as only the minimum of all timestamps is enforced. This could delay penalization or mislead the system about recency.
Resolution: Acknowledged. Future fix may flag digests or limit deviation among timestamps.
Severity Issues
critical
high
2
informational
Several
medium
2
low
11
Audit Period
8 PW
Report
Audit Period
8 PW
Severity Issues
critical
high
2
medium
2
low
11
informational
Several
Report
In conclusion
Three Sigma performed a full-stack security review of M^0 Labs’ 2,927-line protocol, encompassing governance, validator signature verification, inflationary supply logic, and collateral-backed stablecoin minting. While no critical vulnerabilities were discovered, we identified two high-severity bugs that could be exploited by mempool relaying and signature replay. These were fully addressed. The M^0 system displays solid design fundamentals and is supported by extensive testing and modularity, though continued monitoring and validator behavior assumptions should remain a core focus post-launch.
Secure Your Crypto Project Before It’s Too Late. Get in Touch Today.